The widespread use of the Internet as an electronic communication medium has made the use of electronic mail, otherwise known as email, very common among users of data processing systems, including general purpose computer systems, cellular telephones, personal digital assistants (PDAs), Internet appliances, and other types of data processing systems. While email provides for the rapid exchange of text and other information through a network, it does present certain problems to users. One such problem is referred to as phishing or an email spoofing scam. A spoofing scam has the potential to inflict serious losses of data and direct monetary losses due to fraud and other schemes, and the spoofing scam may be part of an attempt at identity theft. A classic example of a spoofing scam is the creation of email messages that appear to be emails sent from legitimate sources, such as a bank. A spoofing scam will typically attempt to fool a user into submitting personal, financial, or password data to the originator of the scam, allowing them to use such data for currency transfers and other fraudulent and potentially criminal schemes. Typically, a spoofing scam involves an email which arrives with the spoofed company's logo and email layout. These spoofed emails may direct the user through a link in the email to a spoofed Web page which is a fake representation of a legitimate Web page, such as a Web page of amazon.com or a bank's Web page, and the spoofed Web page asks the user to enter personal, financial or password data or other types of data sought by the organizers of the scam. The organizers of these types of scams use sophisticated techniques to make it difficult to determine the originator of the email. They often will make the email appear as if it came from a legitimate source, such as amazon.com or a bank's Web site, or a bank. By faking the identity of a legitimate source, the scammers are attempting to fool users into believing that the email is authentic and actually from the legitimate owner, such as amazon.com or a bank or other organizations which are well known to users. By adding a link (e.g. a URL), in the seemingly authentic email, to a fake Web site, it is easy for a user to select the link (e.g. by “clicking” on the link in the email) which causes a Web browser to open a window and to display the fake Web site. It is relatively easy to copy an authentic Web site (e.g. copy the HTML code and graphics and text of the Web page or pages), so the user may be easily tricked into giving their personal, financial, etc. data to the scammer.
In response to these scams, a working group known as the anti-phishing working group has been established; this working group now has a Web site at www.antiphishing.com. This working group has identified certain solutions to address the threat of spoofing scams. One of these solutions involves the use of digitally signed email. However, such solutions will often require users, such as users at a home, to have a relatively high level of sophistication necessary to install the authentication data and to maintain the authentication data.
Thus it is desirable to provide a simple solution to guard against email spoofing.